GhostPoster attacks hide malicious JavaScript in Firefox addon logos

A new campaign dubbed 'GhostPoster' is hiding JavaScript code in the image logo of malicious Firefox extensions counting more ...
FinanceFeeds

Hackers Exploit JavaScript Library to Deploy Crypto Wallet Drainers

Hackers exploit a critical React JavaScript vulnerability, CVE-2025-55182, to deploy crypto wallet drainers on legitimate websites ...

Hackers are exploiting a JavaScript library to plant crypto drainers

Hackers are exploiting a vulnerability in React to inject wallet-draining malware into cryptocurrency websites.

North Korean hackers exploit React2Shell flaw in EtherRAT malware attacks

A new malware implant called EtherRAT, deployed in a recent React2Shell attack, runs five separate Linux persistence mechanisms and leverages Ethereum smart contracts for communication with the ...

Shai Hulud malware turns developers into unwitting distributors in NPM supply chain attacks

Shai Hulud is a malware campaign first observed in September targeting the JavaScript ecosystem that focuses on supply chain ...
Cryptopolitan on MSN

Critical React flaw triggers a wave of crypto wallet drainers

SEAL Security researchers warned that a critical React flaw fueled a surge in wallet-draining attacks on crypto websites.

Malicious Firefox Extensions Hid Malware Inside Their Own Logos, Researchers Warn

Security researchers have uncovered a troubling new malware campaign that has been hiding malicious code inside the logo ...
Cybernews

React vulnerability hits crypto websites with drainers

As reported by Cybernews, the React vulnerability, which enables external attackers to run privileged, arbitrary code on ...
hodlfm

Hackers Exploit React Flaw to Quietly Drain Crypto Wallets

The issue, tracked as CVE-2025-55182, was disclosed on December 3 by the React team after being identified by white-hat ...